This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft File: 0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json) Hash identifier: U3QAJcNpvSMRelaLUdvaEdks+z43vaN+gM7IdvBCOSM= Subject key identifier: 8E:E4:77:19:83:D3:D3:5F:F7:49:B8:03:E3:16:9E:2B:01:FA:93:3F Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1 Certificate issuer: /CN=d2386bed83b645a2bae1389f53d9657d919e76d1 Certificate serial: 019AF50A6007788120E20D19D85225BBAEA3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft Manifest number: 0B28 Signing time: Sat 06 Dec 2025 19:01:28 +0000 Manifest this update: Sat 06 Dec 2025 19:01:28 +0000 Manifest next update: Sun 07 Dec 2025 19:01:28 +0000 Files and hashes: 1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: 4uAXiEvj6JANlLIbvm242iAok/y5IZ/HwZV7BWodu+w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:60:07:78:81:20:e2:0d:19:d8:52:25:bb:ae:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1 Validity Not Before: Dec 6 19:01:28 2025 GMT Not After : Dec 7 19:01:28 2025 GMT Subject: CN=8ee4771983d3d35ff749b803e3169e2b01fa933f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:8c:f4:a2:a2:44:ef:84:db:67:c6:40:90:1b: 89:69:f3:6e:86:9c:1b:bb:a8:08:31:96:03:3d:a0: cc:cd:48:28:87:1a:66:31:8c:88:61:c4:af:02:b8: d0:21:fa:d5:b8:9b:41:f9:b5:c9:16:4f:3e:fe:80: 91:39:5c:65:9f:73:5c:b5:e7:9c:78:ab:53:8d:7b: 2f:c1:29:17:6d:f5:1a:a3:9e:0b:c0:10:06:a0:30: 53:54:6c:df:aa:12:5c:f4:14:4d:08:7b:24:f3:94: 7b:02:c1:3b:a3:77:79:62:31:3e:26:1b:f6:5a:66: 01:3c:c6:79:06:0b:76:4e:19:19:c9:ac:50:22:5e: 24:f9:52:5d:8a:79:12:25:ce:48:0e:ad:3f:f0:bf: c7:48:58:b0:52:6f:ae:66:0c:00:36:24:c1:e4:0e: 84:85:e1:92:15:0f:5a:00:4b:11:e7:0c:5a:1d:ba: 48:44:fd:5f:f8:0c:de:34:46:6b:3e:06:88:fa:f8: 5b:28:d4:50:7c:80:7d:62:cd:38:fd:13:76:3d:fb: 6a:25:a8:26:ec:34:3e:83:09:a3:40:74:64:88:37: b3:07:97:e4:d7:35:67:1d:31:b9:c2:00:2a:bd:fe: e7:a6:83:ad:9e:34:46:5e:27:6e:0f:0a:59:d7:d1: 32:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:E4:77:19:83:D3:D3:5F:F7:49:B8:03:E3:16:9E:2B:01:FA:93:3F X509v3 Authority Key Identifier: keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:fa:ef:dc:0d:30:05:60:fb:3a:72:8c:0a:42:ed:bf:f8:7d: 06:f2:8d:02:4e:77:c1:2a:7d:93:e7:4a:53:03:3d:d0:e4:8b: 0e:40:c7:0a:e5:74:7f:a6:6f:b3:31:1b:bd:f1:3c:e2:91:ad: 3f:1d:08:0b:88:95:b0:10:b0:a1:47:8b:6a:d4:07:84:57:47: 5f:79:27:84:67:89:7e:85:71:bd:87:79:23:a7:03:e5:04:d6: a0:f3:98:72:7c:64:0b:4e:e7:b4:bb:7b:92:52:ea:04:56:94: 67:78:12:97:12:80:09:bf:a9:6a:00:56:98:16:15:5b:65:99: 3d:8d:7d:08:c1:b1:02:67:9e:c3:de:ab:e2:90:c7:e8:cb:54: ae:98:f0:6c:47:ca:b0:9c:cc:68:15:99:42:85:da:ec:6e:a1: 26:04:12:17:a5:f1:66:c5:b5:23:ff:4f:d7:b0:c1:c9:dd:d7: c6:16:65:84:98:8a:a5:06:4d:cb:52:59:90:f1:dd:47:a2:43: 9a:91:ae:85:43:9c:92:4c:4e:19:4c:f4:17:b7:86:2b:06:7a: 72:f0:23:61:f7:eb:34:74:3c:75:c3:f0:36:b1:d1:3f:c3:e6: 4e:3f:69:ff:f9:a7:52:0b:99:40:e0:aa:06:95:db:7c:65:c9: 13:2b:fe:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CmAHeIEg4g0Z2FIlu66jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5 ZTc2ZDEwHhcNMjUxMjA2MTkwMTI4WhcNMjUxMjA3MTkwMTI4WjAzMTEwLwYDVQQD Eyg4ZWU0NzcxOTgzZDNkMzVmZjc0OWI4MDNlMzE2OWUyYjAxZmE5MzNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIz0oqJE74TbZ8ZAkBuJafNuhpwb u6gIMZYDPaDMzUgohxpmMYyIYcSvArjQIfrVuJtB+bXJFk8+/oCROVxln3Ncteec eKtTjXsvwSkXbfUao54LwBAGoDBTVGzfqhJc9BRNCHsk85R7AsE7o3d5YjE+Jhv2 WmYBPMZ5Bgt2ThkZyaxQIl4k+VJdinkSJc5IDq0/8L/HSFiwUm+uZgwANiTB5A6E heGSFQ9aAEsR5wxaHbpIRP1f+AzeNEZrPgaI+vhbKNRQfIB9Ys04/RN2PftqJagm 7DQ+gwmjQHRkiDezB5fk1zVnHTG5wgAqvf7npoOtnjRGXiduDwpZ19EyiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI7kdxmD09Nf90m4A+MWnisB+pM/MB8GA1UdIwQY MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5 LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfrv3A0w BWD7OnKMCkLtv/h9BvKNAk53wSp9k+dKUwM90OSLDkDHCuV0f6ZvszEbvfE84pGt Px0IC4iVsBCwoUeLatQHhFdHX3knhGeJfoVxvYd5I6cD5QTWoPOYcnxkC07ntLt7 klLqBFaUZ3gSlxKACb+pagBWmBYVW2WZPY19CMGxAmeew96r4pDH6MtUrpjwbEfK sJzMaBWZQoXa7G6hJgQSF6XxZsW1I/9P17DByd3XxhZlhJiKpQZNy1JZkPHdR6JD mpGuhUOckkxOGUz0F7eGKwZ6cvAjYffrNHQ8dcPwNrHRP8PmTj9p//mnUguZQOCq BpXbfGXJEyv+gQ== -----END CERTIFICATE-----Generated at Sun Dec 7 03:43:14 2025 by rpki-client